Versions Compared

Old Version 32

changes.mady.by.user Justin

Saved on

compared with

New Version 33

changes.mady.by.user Justin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

NameDescriptionScreens (Click to view)

API Key

A An automatically generated unique identifier used to authenticate to an API document.

Figure 1: Manage API Key in a userview


Figure 2: Manage API Key - Log view


Figure 3: Manage API Key - New/Edit access

Authentication MethodMethods available:
  • API Key
  • API Key & Token
  • Basic access authentication

Required keys in the request header:

MethodRequired Key(s)
API Key
  • api_id (API Document ID obtained from API Properties)
  • api_keykey (The automatically generated API Key)

API Key & Token

  • api_id
  • api_key
  • token (Value derived from configured token pattern)

Basic access authentication

  • api_id
  • api_key
  • Authorization (Base64 encoded value of username:password)
Tip
titleExample

For username "admin" & password of "admin":

admin:admin  Basic YWRtaW46YWRtaW4=

API Secret

(API Key & Token method)

A secret string used for authentication.

Token Pattern

(API Key & Token method)

Token Pattern consists of hash algorithm and variables.

Format:

  • HASH(PATTERN)

Supported hash algorithm:

  • MD5
  • SHA-1
  • SHA-256
  • SHA-512

Supported variables:

  • {api_key}
  • {api_secret}
  • {date_pattern} (current date time)

Examples:

  • SHA-256({api_key}::{api_secret}::{yyyy-MM-dd HH:mm})
  • MD5({api_secret})
Note

Token pattern must contain at least one and only one hash algorithm.

Permission Plugin

(Basic access authentication method)

Select a permission plugin and configure its properties.

Find list of available permission plugins here.

Custom Authenticator Plugin

Select a custom authenticator plugin and configure its properties.

This option is shown only if a plugin of that type exist in the system.

Learn more about API Authenticator plugin here.

Custom Authentication Method

Methods available:

  • Add as additional authentication method
  • Replace the default authentication method
Note
API Key is always required regardless of method selected here.
Domain Whitelist

Domain whitelist to allow API calls.

Info
titleExample

"localhost;www.joget.org;dev.joget.org”, or "*" to allow from everywhere.

IP Address Whitelist

IP address whitelist to allow API calls.

Info
titleExample

"127.0.0.1;192.168.0.1”, or "*" to allow from everywhere.

RemarkAny remark or description for the created API access.

...